Binance Confirms No Compromise in Major Supply Chain Attack

Binance Confirms No Compromise in Supply Chain Attack That Wrecked Crypto Market

What to Know

  • Binance recently took to X to assure users that their funds were safe, as the exchange was not affected by the recent supply chain hack.
  • Hackers launched a JavaScript attack on Monday, September 8, which greatly impacted the Web3 industry.
  • However, despite the attack’s scale, the hackers could only get hold of $503.

Crypto exchange Binance declared that it was not impacted by a recent supply chain compromise that briefly rocked the software ecosystem used by Web3 developers. On X, the team responded to the problem and informed its customers that no user data or assets were lost.

Binance Responds to Latest Supply Chain Hack

“We’re aware of the recent supply chain attack, which published malicious versions of several widely used JavaScript packages,” the crypto exchange wrote. It added: “After investigation, we’ve confirmed we were not impacted and no customer data or assets are at risk. Security remains our top priority – this compromise is a reminder of how critical supply chain security is. Stay SAFU.”

The incident began after hackers duped developers with fake emails purporting to come from Node Package Manager (NPM) support. These phishing messages captured login credentials, which allowed unauthorized uploads of modified versions of packages.

According to Charles Guillemet, Chief Technology Officer at Ledger, the altered updates were designed to interfere with “web-crypto activity across Ethereum, Solana, and other chains by swapping destination addresses inside network responses.” Guillemet added that the scheme was detected quickly because of technical errors by the attackers.

“Implementation mistakes caused CI/CD pipelines to crash, triggering rapid discovery and limiting the impact size,” he explained in a post. Guillemet stressed that losses were not too high, but the episode made people realize how vulnerable the ecosystem is.

On Monday, when the extent of the compromise was not yet clear, Guillemet advised the community to be cautious. “There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised,” he warned. “If you use a hardware wallet, pay attention to every transaction before signing, and you’re safe. If you don’t use a hardware wallet, refrain from making any on-chain transactions for now.”

Blockchain researcher 0xCygaar was among the first to label the incident a “supply chain attack currently affecting the NPM account of a reputable developer.” Meanwhile, security researchers claimed that an attack of this size was a first, since the targeted packages had already been downloaded by billions of users before the intrusion was reported.

Hackers Failed Miserably With Only $503 Pocketed

Regardless of the damage that could have been caused, on-chain investigators estimated that the attackers stole just a few hundred dollars. Analytics tool Arkham Intelligence traced about $503 in crypto associated with addresses that were identified at the time of Guillemet’s first alert.

By Tuesday morning, a series of large crypto platforms had assured their clients that they were not hit by the malicious code. Teams at Uniswap, MetaMask, Aave, Lido, OKX Wallet, Sui, Morpho, and Trezor all said that they had reviewed their dependencies and observed no effect.

Groups that focus on digital threats characterized the outcome as fortunate. SEAL Org observed that an account that pushed packages downloaded several hundred million times in a week could have been worth colossal revenue to the attackers had the payload been better made.

Although the direct harm was minimal, analysts pointed to a tendency among hackers to combine blockchain infrastructure with conventional open-source software to distribute malware. Investigations revealed that attackers inserted control codes into Ethereum smart contracts, which were afterwards used to direct malicious actions in NPM-distributed code.

Guillemet reiterated that the latest compromise must not be dismissed. “The immediate danger may have passed, but the threat hasn’t,” he said. He therefore recommended that both developers and users move towards hardware wallets and use clear signing capabilities when handling crypto transactions.
